Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins groovy vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2016-0792
Multiple unspecified API endpoints in Jenkins prior to 1.650 and LTS prior to 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
Jenkins Jenkins
Redhat Openshift 3.1
2 EDB exploits
2 Metasploit modules
4 Github repositories
7.5
CVSSv2
CVE-2021-21696
Jenkins 2.318 and previous versions, LTS 2.303.2 and previous versions does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs, allowing attackers in control of agent processes to replace the code of a trusted library wi...
Jenkins Jenkins
7.5
CVSSv2
CVE-2019-1003040
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55 and previous versions allows malicious users to invoke arbitrary constructors in sandboxed scripts.
Jenkins Script Security
Redhat Openshift Container Platform 3.11
7.5
CVSSv2
CVE-2019-1003041
A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 and previous versions allows malicious users to invoke arbitrary constructors in sandboxed scripts.
Jenkins Pipeline\\ Groovy
Redhat Openshift Container Platform 3.11
7.5
CVSSv2
CVE-2016-3102
The Script Security plugin prior to 1.18.1 in Jenkins might allow remote malicious users to bypass a Groovy sandbox protection mechanism via a plugin that performs (1) direct field access or (2) get/set array operations.
Jenkins Script Security 1.10
Jenkins Script Security 1.9
Jenkins Script Security 1.8
Jenkins Script Security 1.7
Jenkins Script Security 1.13
Jenkins Script Security 1.11
Jenkins Script Security 1.6
Jenkins Script Security 1.4
Jenkins Script Security 1.18
Jenkins Script Security 1.17
Jenkins Script Security 1.16
Jenkins Script Security 1.15
Jenkins Script Security 1.2
Jenkins Script Security 1.1
Jenkins Script Security 1.0
Jenkins Script Security 1.14
Jenkins Script Security 1.12
Jenkins Script Security 1.5
Jenkins Script Security 1.3
7.5
CVSSv2
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons Collections
Apache Commons Collections 4.0
5 Github repositories
6.8
CVSSv2
CVE-2022-30945
Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and previous versions allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines.
Jenkins Pipeline\\ Groovy
6.8
CVSSv2
CVE-2019-1003008
A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and previous versions in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows malicious users to execute arbitrary code via a form validation HTTP...
Jenkins Warnings Next Generation
6.5
CVSSv2
CVE-2022-25182
A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and previous versions allows attackers with Item/Configure permission to execute arbitrary code on the Jenkins controller JVM using specially crafted library names if a global Pip...
Jenkins Pipeline\\ Shared Groovy Libraries
6.5
CVSSv2
CVE-2022-25183
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and previous versions uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Je...
Jenkins Pipeline\\ Shared Groovy Libraries
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »